Which of the following guarantees | Malicious Border Communicati | Centralized 
"should detect and protect spam code protection on control 
at critical network nodes and prevention transmission 
maintain upgrades and updates of 
the spam protection mechanism" 
in security 2.0? 
In IPSEC VPN. Which of the Between Between Between Between tunnel 
following scenarios can be applied | security the host hosts and made and 
by tunnel mode? gateways and the security transport mode 
host gateways 
Which of the following attacks is ICMP Teardrop Smurf attack | TCP 
not a malformed packet attack? unreachabl | attack fragmentation 
e packet attack 
attack 
After the network attack event Inhibition Recovery Detection Preparation stage 
occurs, set the isolation area, phase phase phase 
summary data, and estimated loss 
according to the plan. Which 
stage does the above actions 
belong to the work contents of in 
the network security emergency 
response? 
Which of the following options HR Security Technical Network System 
does not include the respondents administrat | leader Administrator 
in the questionnaire for safety or 
assessment? 
Which of the following is not Impact Risk Business Accident handling 
included in the Corporate Impact | assessment | identificatio | priority priority 
Analysis (BIA)? n 
Which of the following is correct Display Display Display Count security- 
for the command to view the security- firewall security- policy hit 
number of security policy policy all session policy count 
matches? table 
Which of the following statements | IPSec SA is | Used to IPSec SA is Used to generate 
about IPSec SA is true? one-way generate an | two-way a secret algorithm 
encryption 
key 
When the following conditions Session Manually Firewall Dual hot backup 
occur in the VGMP group, the table entry | switch the | service function enabled 
VGMP message will not be sent to | changes active and | interface 
the peer end actively? standby failure 
status of 
the firewall 
In the digital signature process, User data Receiver Receiver Symmetric key 
which of the following is the public key | private key 
HASH algorithm to verify the 
integrity of the data transmission? 
In the USG series firewall, which Display Display Display nat Display current 
of the following commands can be | firewall firewall nat | translation nat 
used to query the NAT translation | session translation 
result? table 
As shown in the figure, a TCP at+1: a+1 b+1:b a: a+1 a+1:a 


connection is established between 
client A and server B Which of the 
following two “T packet numbers 
should be? 


LV (500. <a 


OY 
cK SE 
mes 
Client ao in 


ACk rl tp 


ac 
Tan PR 


There are various security threats | Natural Malicious Hacking DDos attack 
in the use of the server. Which of | disasters programs 
the following options is not a 
server security threat? 
Which of the following is non- DH RC4 AES 3DES 
symmetric encryption algorithm? 
Which of the following is correct Can be May IP There is a No authentication 
about the description of SSL VPN? | used encrypt NAT traversal | required 
without a layer problem 
client 
In the USG system firewall, Port Packet MAC and IP Long connection 
the function can be used to | mapping filtering address 
provide well-known application binding 
services for non-known ports. 
Which of the following does not Data Manual Penetration Questionnaire 
include the steps of the safety analysis audit test I- survey 
assessment method? 
Which of the following The IKE is a IKE SA for IKE SA is two-way 
descriptions is wrong about IKE encryption | UDP - IPSec SA 
SA? algorithm based services 
used by application 
user data layer 
packets is protocol 
determined 
by IKE SA 
In the IPSec VPN transmission Transport Network New IP Original IP packet 
mode, which part of the data layer and layer and packet header | header 


packet is encrypted? 


upper layer 
data packet 


upper layer 
data packet 


Which of the following is not in Source Source IP Destination Destination IP 
the quintuple range? MAC port 
Which of the following attacks is MAC IP spoofing | ICMP attack Smurf attack 
not a cyber-attack? address attack 
spoofing 
attack 
Which of the following option does | RSA DES AES 3DES 
not belong to symmetric 
encryption algorithm? 
Which of the following is the Username User name | User name User name admin, 
username / password for the first | admin, admin, admin, password 
login of the USG series firewall? password password password admin@123 
Admin@123 | admin Admin123 
Which of the following types of Traffic Snooping Malformed Special packet 
attacks does the DDos attack attack scanning packet attack | attack 
belong to? attack 
Which of the following belongs to | L2TP VPN IPSec VPN | GRE VPN SSL VPN 
Layer 2 VPN technology? 
Electronic evidence preservation Message Encryption | Digital Digital certificate 
is directly related to the legal tag technology | signature technology 


effect of evidence, in line with the | tracking technology 
preservation of legal procedures, technology 
and its authenticity and reliability 
are guaranteed. Which of the 
following is not an evidence 
preservation technology? 
On Huawei USG series devices, Reset Clear Reset current- | Reset running- 
the administrator wants to erase saved- saved- configuration | configuration 
the configuration file. Which of configurati | configuratio 
the following commands is on n 
correct? 
Winch of the following is the Asymmetric | Symmetric 
encryption technology used in encryption | encryption 
digital envelopes? algorithm algorithm 
The preservation of electronic Packet tag | Digital Encryption Digital certificate 
evidence is directly related to the | tracking signature technology technology 
legal effect of evidence, and it is technology | technology 
in conformity with the 
preservation of legal procedures, 
and its authenticity and reliability 
are guaranteed. Which of the 
following is not an evidence 
preservation technique? 
Regarding the HRP master and Next hop Authenticat | Is the NAT policy 
backup configuration consistency | and ion Policy heartbeat 
check content, which of the outbound interface 
following is not included? interface of configured 

static route with the same 

serial 
number? 

The GE1/0/1 and GE1/0/2 ports of | No need to | Need to Need to Need to configure 
the firewall belong to the DMZ. If | do any configure configure DMZ to local 
the area connected to GE1/0/1 can | configurati | an local to DMZ | security policy 
access the area connected to on interzone security 
GE1/0/2, which of the following is security policy 
correct? policy 
Which of the following The IKE SA is IKE isa UDP | IKE SA servers 
descriptions about IKE SA is encryption | two-way - based for IPSec SA 
wrong? algorithm application 

used by layer protocol 

user data 

packets is 

determined 

by IKE SA 
Which of the following traffic Traffic of The first DHCP, BGP, Access device or 
matches the authentication policy | visitors DNS packet | OSPF and device initiated 
triggers authentication? accessing correspondi | LDP packets | traffic 

HTTP ng to the 

services HTTP 

service 
data flow 

Security technology has different | IPS/IDS Firewall Anti-DDoS Vulnerability 
approaches at different technical | equipment equipment scanning device 


levels and areas. Which of the 
following devices can be used for 


network layer security protection? 


Intrusion prevention system Self- Real-time | Online mode | Straight road 
technical characteristics include learning blocking deployment 
and 
adaptive 
Which of the following are the Server Network Data is stolen | The page has 
hazards of traffic attacks? downtime paralysis been tampered 
Which of the following are remote | HWTACACS | RADIUS Local LLDP 
authentication methods? 
Which of the following are the Dynamic ServerMap | Session Routing table 
status information that can be blacklist entry table 
backed up by the HRP (Huawei 
Redundancy Protocol) protocol? 
Which of the following information | Symmetric | User data | Receiver Receiver private 
will be encrypted during the use key public key key 
of digital envelopes? 
Which of the following are part of | File sharing | User Port scanning | WEB rewriting 
the SSL VPN function? authentica 
tion 
Which of the following does the Confidentia | Integrity Source Controllability 
encryption technology support for | lity verification 
data during data transmission? 
Which of the following options are | IPSec VPN | SSL VPN L2TP VPN GRE VPN 
supplied by VPN technology to 
encrypt data messages 
Which of the following are multi- Windows LINUX UNIX MSDOS 
user operating systems? 
Which of the following options can | Set Restore Set out Change 
be used in the advanced settings connection | defaults inbound notification 
of Windows Firewall? security rules rules 
rules 
Which of the following are the 21 20 80 23 
standard port numbers for the 
FTP protocol? 
Which of the following are core Person Operation | Technology | Environment 
elements of the IATF (Information 
Assurance Technology 
Framework) model? 
Which of the following are in the Personnel Vulnerabil | Access Business 
certification area of IS027001? safety ity control continuity 
manageme management 
nt 
Which of the following 3re the SNMPv2c SNMPv3 SNMPv1 SNMPv2b 
versions of the SNMP protocol? 
Which of the following are the Key Fast Confidential Key distribution 
characteristics of a symmetric distribution | encryption | speed is slow | security is high 
encryption algorithm? is not 
secure 
Through display ike sa to see the | The first ike is The second ike is using 
result as follows, which stage ike sa | using stage ipsec sa | version v2 


statements are correct? has been version v1 | has been 
2a rhe E a __. | successfull successfully 
connection-id peer vpn flag phase doi y established 
oaf 2221 +0 ROST vist Pecos | established 
ri RL--REPLACED FD--FADING TO--TIMEOUT 
Which of the following statement | The firewall | When there | Configure The IP address in 
about the NAT configuration is does not is VoIP source NAT in | the address pool 
wrong? support service in -. transparent | can overlap with 
NAPT the mode, the the public IP 
conversion | network, firewall does | address of the 
for ESP and | you do not | not support NAT server 
AH packets. | need to easy-ip mode 
configure 
NAT ALG 
Regarding the firewall security If the Adjust the The number When configuring 
policy, which of the following security order of of security the security policy 
options are wrong? policy is security policy entries | name, you cannot 
permit, the | policies of Huawei reuse the same 
discarded without USG series name 
message saving the | firewalls 
will not configuratio | cannot exceed 
accumulate |n file. 128. 
the number 
of hits. 
The following security policy banned banned banned from | banned from trust 
command, representatives of the from trust from trust trust region region access to 
id region region access to untrust region 
Hille eames veiled access to access to untrust and the 
source-zone trust untrust untrust region and destination 
destination-zone untrust region and | region and | the source address is 10.1 0 
a 10.1.0.00.0.259.259 | the source | the address is 0/16 segment all 
action deny address is destination | 10.2.10.10 hosts ICMP messa 
meaning: # 10.1 0 0/16 | address is host to all the | ge 
segment all | 1011010 | hosts ICMP 
the hosts host ICMP | message 
ICMP message 
message 
In L2TP configuration for If do not Used to Must be Used to specify 
command Tunnel Name, which configure specify the | consistent the name of the 
statements are correct? the Tunnel | name of with Tunnel peer tunnel 
Name, the the end of | Name peer 
tunnel the tunnel | configuration 
name is the 
name of the 
local 
system 
Against Buffer overflow attacks, Buffer Bufter Buffer Buffer overflow 
which description is correct? overflow overflow overflow attack has 
attack attack Is attack is use | nothing to do with 
belongs to | the most of the operating 
the common software system's 
application | method of | system on vulnerabilities 
layer attack | attack memory and architecture 
behavior software operating 


system's defects, by 
behaviors | using high 
operating 
permission 
to run 
attack code 
Which of the following For By default, | By default, After the 
descriptions of the firewall fragmented | the the firewall fragmented 
fragment cache function are packets, number of | caches packet is directly 
correct? NAT ALG large fragmented | forwarded, the 
does not fragment | packets firewall forwards 
support the | caches of the fragment 
processing |an IPV4 according to the 
of SIP packet is interzone security 
fragmented | 32, and policy if it is not 
packets. the the fragmented 
number of packet of the first 
large packet 
fragmenta 
tion 
buffers of 
an IPV6 
packet is 
255 
In stateful inspection firewall, Packets If the Packets must | If the firewall 
when opening state detection must not firewall pass through | security policy 
mechanism, three-way Pass security the firewall, allows packets 
handshake's second packet (SYN through the | policy and through, then 
+ ACK) arrives the firewall. If firewall allows establishes a | creating the 
there is still no corresponding packets session table | session table 
session table on the firewall, then through, 
which of the following statement then the 
is correct? packets can 
pass 
through the 
firewall 
About the description about the By default, Preemption | After the By default, the 
preemption function of VGMP the means that | VRRP backup | preemption 
management, which of the preemption | when the group is function of the 
following statements is? wrong? delay of the | faulty added to the | VGMP 
VGMP primary VGMP management 
management | device management | group is enabled. 
group is 40s. | recovers, it | group, the 
priority will | original 
be restored. | preemption 
At this function on 
time, itcan | the VRRP 
regain its backup group 
own state is invalid. 
Which of the following statement | For some Some Address NAT technology 
about the NAT is wrong? non-TCP, application | Translation can effectively 
UDP layer can follow the | hide the hosts of 
protocols protocols needs of the LAN. it is an 
(such as earn/ IP | users, effective network 
ICMP, address providing security 
PPTP), information | FTP, WWW, protection technol 


unable to do | in the data, | Telnet and ogy 
the NAT but also | other services 
translation modify the | outside the 
P address LAN 
information 
in the data 
of the 
upper layer 
when they 
are as NAT 
Regarding the comparison windows is Windows Linux is open | Getting started 
between windows and Linux, open source, | can be source code, with Linux is 
which of the following statements | you can do compatible | you can do more difficult and 
is wrong? what you with most what you requires some 
want software want learning and 
playing guidance. 
most games 
Which of the following is true By default, By default, | By default, By default, the 
about firewall security policies? the security | the security | the security security policy 
policy only policy can policy can can 
controls control control control multicast 
unicast unicast unicast 
packets packets, packets and 
broadcast broadcast 
packets, packets. 
and 
multicast 
packets 
What are the advantages of Address Many host | Address Address 
address translation techniques conversion address conversion conversion that 
included? can block conversions | can make can handle the IP 
internal can make internal header of 
network the internal | network users | encryption 
users, LAN to (private P 
improve the | share an IP | address) easy 
safety of address on | access to the 
internal the Internet | Internet 
network 
Which of the following statement | remote users | After the LNS device LNS assign a 
about the L2TP VPN of Client- do not need | remote user | receives user | private IP 
initialized is wrong? to install access to L2TP address for remot 
VPN client internet, connection e user 
software can initiate | request, can 
L2TP verify based 
tunneling on user name 
request to and 
the remote | password. 
LNS 
directly 
through the 
client 
software 
Which of the following description | The Master/ master/slave | Periodically sends 


about the group management for | interface slave status | devices Hello packets 
VGMP is wrong? type and change of exchange between VGMP of 
number or VRRP packets to master/slave 
two firewalls | backup understand firewall 
heartbeat group each other 
port may be | needs to through the 
different, as | notify its heartbeat 
long as they | VGMP line, and 
can manageme | backup the 
communicat | nt group. related 
e with each commands 
other and status 
information 
Which of the following statements | VPN The VPN Virtual private 
is wrong about VPN? technology generation | technology is | network is 
necessarily of VPN a technology | cheaper than 
involves technology | that dedicated line 
encryption enables multiplexes 
technology employees | logica 
on business | channels or 
trips to actual 
remotely physical lines 
access 
internal 
corporate 
servers 
Which of the following Windows The The system Windows server 
descriptions about windows logs is | server 2008 | application | logis used to | 2008 security lug 
wrong? system logs | log contains | record the is Sluied in 
stored in the | events events security.evtx 
Application.e | logged by generated by 
vtx the the operating 
application | system 
or system components, 
program, including the 
mainly crash of the 
recording driver, system 
events in components 
the running | and 
of the application 


program. software, and 
data 

Regarding the problem that the The Online The The 
two-way binding user of the authenticatio | users have | authenticatio | authentication 
authentication-free method cannot | n-free user reached a n-free user action in the 
access the network resources, does not use | large value | and the authentication 
which of the following options are | the PC with authenticated | policy is se- to 
possible reasons? the specified user are in "No credit / 

IP/MAC the same free authenticatio 

address. security zone |n" 
Which of the following io true Depending In order to | Adding a The firewall 
about the description of the on the usage | avoid single | firewall to the | cannot 
firewall? scenario, the | point of network will transparently 


firewall can | failure. the | inevitably access the networ 

be deployed | firewall change the k. 

in only topology of 

transparent | supports the network 

moce or side-by-side 

deployed in | deployment 

a three- ; 

bedroom 

mode. 
Against IP Spoofing, which of the | Af-.er IP An attacker | IP spoofing is 
following description is wrong? spoofing would need | to use the 

attack is to cisguise | hosts' normal 

successful; the source | trust 

the attacker | IP relationship 

can use addresses based on the 

forged any as trusted IF 

IP address to | hosts, and address to lau 

imitate send the nch it 

legitimate data 

hast to segment 

access to with the 

critical SYN flag 

information | request for 

connection 

ASPF (Application Specific Packet | ASPF ASPF ASPF through | Quintuple server- 
Filter) is a kind of packet filtering | dynamically | monitors server map map entries 
based on the application layer, it create and the packets | table realize achieve a similar 
checks the application layer delete in the dynamic to functionality with 
protocol information and monitor | filtering process of | allow multi- session table 
the connection state of the rules communica | channel 
application layer protocol. ASPF tion protocol data 
by Server Map table achieves a to pass 


special security mechanism. 
Which statement about ASPF and 
Server map table are correct? 


Which of the following 
descriptions about the action and 


The security 
profile must 


If the action 
of the 


The security 
profile may 


If the security 
policy action is 


security profile of the security be applied to | security know: be "Allow", the 
policy are correct? the security | policy is applied to the | traffic will not 
policy that is | "prohibited | security match the 
allowed to ", the policy that security profile. 
take effect. device will | the action is 
discard this | allowed and 
traffic, and | take effect 
then no 
content 
security 
check will 
be perform 
ed. 
About the descriptions of windows | When When When setting | When setting the 
Firewall Advanced Settings, which | setting the setting the | the stacking pop-up rule, only 
of the following is wrong? stacking pop-up rule, only the | the local port can 
rule, both rule, both local port can | be restricted, and 
the local local ports | be restricted, | the remote port 


port and the 


and remote 


and the 


cannot be restrict 


remote port | ports can remote port ed 
can be be cannot be 
restricted restricted restricted 
Regarding the relationship and HRP is VRRP is VGMP is VGMP group in 
role of VRRPA/GMP/HRP. which of | responsible | responsible | responsible the active state 
the following statements are for data for sending | for may include the 
correct? backup free ARP to | monitoring VRRP group in 
during hot direct equipment the standby state 
standby traffic to failures and 
operation the new controlling 
primary fast switching 
device of equipment 
during 
active/stand 
by 
switchover 
Which description about when in passive initiative to passive closing 
disconnect the TCP connection 4 passive close | close the shut down the | party end need to 
times-handshake is wrong? receipt the sender sender first send a file to the 
first FIN. it after the FIN active application the 
will send FIN. closed, while | application will 
back an initiative to | the other close it 
ACK, and close must | received this | connection and 
randomly send backa | FIN perform | lead to senda 
generated to | confirmatio | passive shut FIN 
confirm the n, and will down 
serial confirm the 
number serial 
number is 
set to 
receive 
serial 
number 1 
As shown in the figure, a NAT When When When When configuring 
server application scenario is configuring | configuring | configuring NAT Server, the 
configured when the web an interzone | NAT an interzone internal address 
configuration mode is used. Which | security Server, the | security is 200.10.10.1 
of the following statements are policy, set internal policy, set the | and the external 
correct"? the source address is source address is 
# ees Security 10 1.1 2 security zone | 10.1.1.2. 
INAT zone to and the to DMZ and 
f Glob Untrust and | external the target 
: OD ihe target address is 2 | security zone 
DMZ ‘insid security 00.10.10.1 | to Untrust 
dundee zone to DMZ 
TP Server 
10.1.1.2/24 
Which of the following statements | A tunnel is Only one Each tunnel Each tunnel 
about Client-Initiated VPN is established L2TP carries carries multiple 
correct? between session and | multiple L2TP | L2TP sessions 


each access 
user and the 
LNS 


PPP 
connection 
are carried 
in each 
tunnel 


sessions and 
PPP 
connections. 


and one PPP 
connection. 


